﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using Project3.Models;
using System.Web.Security;

namespace Project3.Controllers
{
    public class MeetingsController : Controller
    {
        MeetingsRepository meetingsRepository = new MeetingsRepository();

        //
        // GET: /Meetings/

        public ActionResult Index()
        {
            return View(meetingsRepository.FindUpcomingMeetings().ToList());
        }

        //
        // GET: /Meetings/Details/2

        public ActionResult Details(int id)
        {
            Meeting meeting = meetingsRepository.GetMeeting(id);
            if (meeting == null) return View("NotFound");
            return View(meeting);
        }

        //
        // GET: /Meetings/Edit/2
        [Authorize(Roles = "Admin, Moderator, Organizer")]
        public ActionResult Edit(int id)
        {
            Meeting m = meetingsRepository.GetMeeting(id);
            
            if (!User.IsInRole("Admin") || !User.IsInRole("Moderator"))
                return View(m);
            if (!User.IsInRole("Organizer") && !User.Identity.Name.Equals(m.Host.Username))
                return View(m);

            return RedirectToAction("Index"); //You must have privileges
        }

        //
        // POST: /Meetings/Edit/2

        [HttpPost, Authorize(Roles = "Admin, Moderator, Organizer")]
        public ActionResult Edit(int id, Meeting meeting)
        {
            Meeting m = meetingsRepository.GetMeeting(id);
            if (!TryUpdateModel(meeting)) 
                return View(meeting);

            meetingsRepository.Add(meeting);
            return RedirectToAction("Index");
        }

        //
        // GET: Meetings/Create
        [Authorize(Roles = "Admin, Moderator")]
        public ActionResult Create()
        {
            Meeting meeting = new Meeting();
            return View(meeting);
        }

        //
        // POST: /Meetings/Create

        [HttpPost, Authorize(Roles = "Admin, Moderator")]
        public ActionResult Create(Meeting meeting)
        {
            if (!TryUpdateModel(meeting)) 
                return View(meeting);

            meetingsRepository.Add(meeting);
            Roles.AddUserToRole(User.Identity.Name, "Organizer");
            return RedirectToAction("Index");
        }

        //
        // GET: /Meetings/Delete/2
        [Authorize(Roles = "Admin, Moderator, Organizer")]
        public ActionResult Delete(int id)
        {
            Meeting m = meetingsRepository.GetMeeting(id);
            
            if (m == null) return View("NotFound");

            if (!User.IsInRole("Admin") || !User.IsInRole("Moderator"))
                return RedirectToAction("Index");
            if (!User.IsInRole("Organizer") && !User.Identity.Name.Equals(m.Host.Username))
                return RedirectToAction("Index");
            
            return View(m);
        }

        //
        // POST: /Meetings/Delete/2
        [HttpPost, Authorize(Roles = "Admin, Moderator, Organizer")]
        public ActionResult Delete(int id, FormCollection collection)
        {
            meetingsRepository.Delete(id);
            if(meetingsRepository.FindAllMeetings().Count(p => p.Host.Username == User.Identity.Name) == 0) Roles.RemoveUserFromRole(User.Identity.Name, "Organizer");
            return View("Deleted");
        }
    }
}
